StigRepo

1.3

The Stig-Repo module leverages PowerSTIG and Desired State Configuration to build and drive the STIG Compliance Automation Repository (SCAR) - an automated Infrastructure as Code framework for Security Technical Implementation Guide (STIG) Compliance.

SCAR accelerates Azure readiness and ATO/CCRI processes through automated STIG compliance and digital transformatio
The Stig-Repo module leverages PowerSTIG and Desired State Configuration to build and drive the STIG Compliance Automation Repository (SCAR) - an automated Infrastructure as Code framework for Security Technical Implementation Guide (STIG) Compliance.

SCAR accelerates Azure readiness and ATO/CCRI processes through automated STIG compliance and digital transformation by establishing an infrastructure as code platform that organizations can customize build on top of to quickly establish and deploy Azure baselines.

Primary Capabilities:

1. Initialize-StigRepo: Builds the STIG Compliance Automation Repository and installs dependencies on the local system
2. New-SystemData: Scans the Active Directory Environment for targetted systems, determines applicable STIGs, and generates DSC configuration data
3. Start-DscBuild: Generates DSC Configuration scripts and MOF files for all DSC Nodes
4. Sync-DscModules: Syncs DSC module dependencies across all DSC Nodes
5. Set-WinRMConfig: Expands MaxEnvelopSize on all DSC nodes
6. Get-StigChecklists: Generates STIG Checklists for all applicable STIGs for each DSC Node
7. Update-StigRepo: Updates/downloads latest dependencies to SCAR Repo and upgrades STIG Data Files

Dependencies

1. Must be executed from an internet-connected system to install module dependencies
2. Must be executed from a system with the Active Directory module installed.
3. DSCSM Leverages PowerSTIG to drive the dynamic DSC configurations included withint he module (installed with Build-Repo or Update-ScarRepo)
4. Powershell Version 5.1 or greater

The STIG Compliance Automation Repository Structure
SCAR organizes the repository to deploy and document STIGs using the folders listed below:

1. Systems: Folders for each identified Organizational Unit in Active Directory and a Powershell Data file for each identified system.
2. Configurations: Dynamic PowerSTIG Configurations for that are customized by paremeters provided within system data files.
3. Artifacts: Consumable items produced by SCAR. SCAR produces DSCConfigs, MOFS, and STIG Checklists out of the box.
4. Resources: Dependendencies leveraged by SCAR to generate SystemData and Artifacts. SCAR has Modules, Stig Data, and Wiki resources out of the box.

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name StigRepo

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Author(s)

Microsoft Corporation

Copyright

Copyright (c) Microsoft Corporation. All rights reserved.

Owners

Dependencies

This module has no dependencies.

Version History

Version Downloads Last updated
1.3 (current version) 25 6/16/2021
1.2 60 6/7/2021